Default Settings - Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual

Default Settings

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
sw10.1.1.100(config-crypto-map-ip)# set transform-set tfs-01
sw10.1.1.100(config-crypto-map-ip)# end
sw10.1.1.100#
Bind the interface to the crypto map set in Switch MDS A.
Step 4
sw10.1.1.100# conf t
sw10.1.1.100(config)# int gigabitethernet 7/1
sw10.1.1.100(config-if)# ip address 10.10.1.123 255.255.255.0
sw10.1.1.100(config-if)# crypto map domain ipsec cmap-01
sw10.1.1.100(config-if)# no shut
sw10.1.1.100(config-if)# end
sw10.1.1.100#
You have now configured IPsec in MDS A using the Cisco MDS IPsec and iSCSI features.
Default Settings
Table 37-3
Table 37-3
Parameters
IKE
IKE version
IKE encryption algorithm
IKE hash algorithm
IKE authentication method
IKE DH group identifier
IKE lifetime association
IKE keepalive time for each peer (v2) 3,600 seconds (equals 1 hour).
Table 37-4
Table 37-4
Parameters
IPsec
Applying IPsec to the traffic.
IPsec PFS
IPsec global lifetime (traffic-volume)
IPsec global lifetime (time)
Cisco MDS 9000 Family CLI Configuration Guide
37-40
lists the default settings for IKE parameters.
Default IKE Parameters
lists the default settings for IPsec parameters.
Default IPsec Parameters
Chapter 37
Default
Disabled.
IKE version 2.
3DES.
SHA.
Preshared keys.
Group 1.
86,400 00 seconds (equals 24 hours).
Default
Disabled.
Deny—allowing clear text.
Disabled.
450 Gigabytes.
3,600 seconds (one hour).
Configuring IPsec Network Security
OL-18084-01, Cisco MDS NX-OS Release 4.x